A senior database administrator at a subsidiary of Fidelity National Information Services who was responsible for defining and enforcing data access rights at the company took data belonging to about 2.3 million consumers and sold it to a data broker.
The broker in turn sold a subset of the data to other marketing companies. The stolen data included names, addresses, birth dates, bank account and credit card information, the company said in a statement.
For the moment at least, it appears that the companies that bought the information have mainly used the data to send marketing solicitations to affected individuals, Fidelity said in its statement.
"We have no reason to believe that the theft resulted in any subsequent fraudulent activity or financial damage to the consumer," Renz Nichols, president of Fidelity subsidiary Certegy Check Services said.
The database administrator, who has since been terminated, worked for Certegy, which provides a check-authorization service to help merchants decide whether to accept checks as payment for goods and service.
The theft was first noticed when one of Certegy's retail customers in early May reported a correlation between a "small amount" of check transactions and the receipt by the retailers' customers of telephone and mailed marketing solicitations, Fidelity said.
Find your next job with computerworld UK jobs